QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-2969

Back to search

CVE-2005-2969

Published: Oct 18, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

VendorProductVersions

n/a

n/a

affected
n/a

References

17259
third-party-advisory
x_refsource_SECUNIA
23915
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2005:061
vendor-advisory
x_refsource_SUSE
26893
third-party-advisory
x_refsource_SECUNIA
17389
third-party-advisory
x_refsource_SECUNIA
ADV-2005-3056
vdb-entry
x_refsource_VUPEN
ADV-2007-2457
vdb-entry
x_refsource_VUPEN
17813
third-party-advisory
x_refsource_SECUNIA
15071
vdb-entry
x_refsource_BID
18165
third-party-advisory
x_refsource_SECUNIA
23340
third-party-advisory
x_refsource_SECUNIA
18123
third-party-advisory
x_refsource_SECUNIA
DSA-881
vendor-advisory
x_refsource_DEBIAN
ADV-2005-2659
vdb-entry
x_refsource_VUPEN
24799
vdb-entry
x_refsource_BID
DSA-882
vendor-advisory
x_refsource_DEBIAN
17153
third-party-advisory
x_refsource_SECUNIA
SSRT071299
vendor-advisory
x_refsource_HP
TSLSA-2005-0059
vendor-advisory
x_refsource_TRUSTIX
17191
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2908
vdb-entry
x_refsource_VUPEN
1015032
vdb-entry
x_refsource_SECTRACK
17344
third-party-advisory
x_refsource_SECUNIA
19185
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2036
vdb-entry
x_refsource_VUPEN
17589
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2710
vdb-entry
x_refsource_VUPEN
ADV-2005-3002
vdb-entry
x_refsource_VUPEN
31492
third-party-advisory
x_refsource_SECUNIA
17466
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0629
vendor-advisory
x_refsource_REDHAT
17146
third-party-advisory
x_refsource_SECUNIA
17169
third-party-advisory
x_refsource_SECUNIA
ADV-2007-0343
vdb-entry
x_refsource_VUPEN
23280
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2005-11-29
vendor-advisory
x_refsource_APPLE
23843
third-party-advisory
x_refsource_SECUNIA
17189
third-party-advisory
x_refsource_SECUNIA
21827
third-party-advisory
x_refsource_SECUNIA
17288
third-party-advisory
x_refsource_SECUNIA
HPSBUX02186
vendor-advisory
x_refsource_HP
MDKSA-2005:179
vendor-advisory
x_refsource_MANDRIVA
17632
third-party-advisory
x_refsource_SECUNIA
ADV-2007-0326
vdb-entry
x_refsource_VUPEN
17409
third-party-advisory
x_refsource_SECUNIA
25973
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11454
vdb-entry
signature
x_refsource_OVAL
17888
third-party-advisory
x_refsource_SECUNIA
17210
third-party-advisory
x_refsource_SECUNIA
DSA-875
vendor-advisory
x_refsource_DEBIAN
ADV-2006-3531
vdb-entry
x_refsource_VUPEN
17178
third-party-advisory
x_refsource_SECUNIA
HPSBUX02174
vendor-advisory
x_refsource_HP
17432
third-party-advisory
x_refsource_SECUNIA
17180
third-party-advisory
x_refsource_SECUNIA
101974
vendor-advisory
x_refsource_SUNALERT
15647
vdb-entry
x_refsource_BID
17335
third-party-advisory
x_refsource_SECUNIA
RHSA-2005:762
vendor-advisory
x_refsource_REDHAT
RHSA-2005:800
vendor-advisory
x_refsource_REDHAT
17151
third-party-advisory
x_refsource_SECUNIA
18663
third-party-advisory
x_refsource_SECUNIA
17617
third-party-advisory
x_refsource_SECUNIA
SSRT061239
vendor-advisory
x_refsource_HP
18045
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now